

Title:
METHOD FOR ACQUISITION OF SOFTWARE APPLICATIONS
Document Type and Number:
WIPO Patent Application WO/2011/000906
Kind Code:
A1
Abstract:
The invention relates to a method for acquisition of a software application stored on a software application distribution unit (20) and intended to be supplied to a user computer unit (10). According to the invention, the user computer unit (10) communicates an item of identification information (ID) identifying the software application to be acquired to an electronic security module (30) connected to the user computer unit. The module (30) generates, using a secret (S) and identification information (ID), an item of user information (S') and transmits it with the identification information (ID) to the unit (20). The unit protects with the user information (S') the software application (pgm) identified by the identification information (ID) and the protected software application (pgm') is transmitted to the user computer unit (10). Thus, the software application is protected with an item of information (S') from the electronic security module (30) of the user. The protected software application then has its protection removed on an electronic security unit (10 or 10') equipped with an electronic security module (30).

Inventors:
VINCENT CHRISTOPHE (FR)
ELUARD MARC (FR)
MAETZ YVES (FR)
Application Number:
PCT/EP2010/059353
Publication Date:
January 06, 2011
Filing Date:
July 01, 2010
Assignee:
THOMSON LICENSING (FR)
VINCENT CHRISTOPHE (FR)
ELUARD MARC (FR)
MAETZ YVES (FR)
International Classes:
G06F21/10
Foreign References:
EP0561685A2, 1993-09-22
EP1128250A2, 2001-08-29
US20020029347A1, 2002-03-07
Other References:
None
Attorney, Agent or Firm:
LORETTE, Anne et al. (Issy-Les-Moulineaux, FR)
Claims:
CLAIMS

1. Method for acquisition of a software application stored in a software application distribution unit (20), said application comprises at least one instruction and is intended to be supplied to a computer unit of a user, called a user computer unit (10), the method being characterized in that it comprises the following steps:

- a step of generating, in an electronic security module (30) connected to said user computer unit, an item of user information (S') that is associated with an item of identification information (ID) identifying the software application to be supplied, said user information (S') being generated from a secret (S) stored in said electronic security module,

- a step of transmitting via the electronic security module (30) of said user information (S') and of said identification information (ID) to the software application distribution unit (20),

- a step of processing, in a software application distribution unit (20), at least one instruction from the software application identified by said identification information (ID) by means of a protection function (p) using said user information (S'), in a way to protect said software application, and

- a step of communicating, via the software application distribution unit (20), the protected application to said user computer unit.

2. Method according to claim 1, characterized in that the user information (S') is generated in said electronic security module (30) at least from said secret (S) and the identification information (ID).

3. Method according to claim 2, characterized in that the user information (S') is generated by applying to said identification information (ID) a derivation function (d) using said secret (S).

4. Method according to claim 1, characterized in that said method is repeated with the same electronic security module for the acquisition of a plurality of software applications.

5. Method for processing aiming to remove protection, on a user computer unit (10 or 10') to which is connected said electronic security module (30), from a protected software application acquired according to the method of one of the claims 1 to 4, characterized in that it comprises the following steps:

- regenerating, in said electronic security module, the user information (S') associated with the protected software application, and

- processing the protected software application by means of a function, called the protection removal function (dp), and able to remove protection from a protected application by means of said protection function.

6. Method according to claim 5, characterized in that the protection removal function (dp) is present in the electronic security module (30) and the processing of the protected application by means of said protection removal function (dp) is carried out in said electronic security module, the application with protection removed being communicated to the user computer unit.

7. Method according to claim 5, characterized in that the protection removal function (dp) is present in the user computer unit (10 or 10') and the processing of the protected application by means of said protection removal function is carried out in said user computer unit using the user information (S') generated by said user electronic module.

Description:
METHOD FOR ACQUISITION OF SOFTWARE APPLICATIONS

Domain of the invention

The present invention relates to the acquisition of protected software from a software distribution unit and their protection on a user computer unit.

Technological background of the invention

There currently exists a significant need to prevent the illegal copy and/or use of software applications. Up to the present, three protection techniques are known to prevent the illegal copying and/or use of software applications.

The first technique, requiring no specific hardware, consists in providing with the software a password or secret key to prevent individuals who do not have this password from using the software. The password is for example a serial number pre-recorded in the software.

The software is then only authorized to function if the password entered by the user corresponds to the pre-recorded password. The software and the password are preferably transmitted separately to the user. The disadvantage of this technique is that the password may be, intentionally or not, divulged by the client. The level of protection of such a technique is thus not very high.

The second technique, commonly called "hardware soldering" consists in extracting one or several physical parameters of the computer intended to receive the software and in customizing the software with the physical parameter(s) so that it is authorized to function only on the computer having the extracted physical parameter(s). This physical parameter can be for example a MAC address. The application is thus authorized to function only on the computer having this MAC address. The disadvantage of this technique is that the client can use the software only on a single computer and can not even change computer.

Finally, a third technique consists in associating an electronic security module with the software. This electronic security module is provided with the software at time of purchase. The electronic security module designates an integrated circuit comprising a nonvolatile memory (ROM) with items of secret information, for example the usage rights of a software application. Such an electronic security module is found for example in the form of a hardware lock or "dongle". At start-up and/or different execution stages of the software, the software verifies the presence of usage rights in the electronic security module and only continues its execution if the usage rights associated with said software are present in the electronic security module. With this technique, a software application is authorized to function on a computer only if the electronic security module comprising the usage rights to this software is connected to this computer. Such an electronic security module being difficult to copy or duplicate, illegal use of the software becomes unlikely. The disadvantage of this technique is that, the electronic security module being attached to a specific software application, the protection of n software applications requires the provision of n electronic security modules.

Summary of the invention

The invention aims to overcome some or all of the disadvantages described above. In particular, one purpose of the invention is to propose a solution enabling a plurality of software applications to be protected with a single electronic security module, said electronic security module being employed at each new software acquisition and at each use of the software application.

According to the invention, an electronic security module belonging to the user who wants to acquire a software application is used. This module contains information that is specific to the user and that are not linked to a specific software application. According to the invention, the electronic security module of the user communicates to the distribution unit an item of user information, said user information is then used by the distribution unit to protect the software application prior to communicating it to the user. Hence, the user receives the software application that is protected on the basis of an item of user information delivered by the electronic security module. Only this user, by means of his electronic security module, is then in a position to remove the protection of the software application received.

More specifically, the invention relates to a method for acquisition of a software application stored in a software application distribution unit, said application comprises at least one instruction and is intended to be supplied to a computer unit of a user, called a user computer unit, said method being characterized in that it comprises the following steps:

- a step of generating, in an electronic security module connected to said user computer unit, an item of user information specific to said user that is associated with an item of identification information identifying the software application to be supplied, said user information being generated from a secret stored in said electronic security module,

- a step of transmitting via the electronic security module of said user information and of said identification information to the software application distribution unit,

- a step of processing, in a software application distribution unit, at least one instruction from the software application identified by said identification information by means of a protection function using said user information, in a way to protect said software application, and

- a step of communicating, via the software application distribution unit, the protected application to said user computer unit and possibly said identification information.

According to a particularity of the invention, the user information is generated from said secret and the identification information of the application to be acquired. The user information is generated by applying a derivation function on said identification information using the secret contained in the security module. Consequently, the user information generated by the electronic security module changes with each new software application acquisition.

According to a particularity of the invention the method is repeated with the same electronic security module for the acquisition of a plurality of software applications. Hence, a single electronic security module is used to acquire different software applications.

The invention also relates to a method for processing for the purpose of removing protection, on a user computer unit to which is connected said electronic security module, from a protected software application acquired according to the method described above. This user computer unit may or may not be the user computer unit used during the acquisition. If this user computer unit is different to that used during the acquisition, the protected application is transferred into this new user computer unit prior to removal of the protection.

The method for processing comprises the following steps:

- regenerating, in said electronic security module, the user information associated with the protected software application, and

- processing the protected software application by means of a function, called the protection removal function, using said user information, able to remove protection from a protected application by means of the protection function of the software application distribution unit.

According to a particular embodiment, the protection removal function is present in the electronic security module. The processing of the protected software application by means of said protection removal function is thus carried out in the electronic security module then the application with protection removed is communicated to the user computer unit.

As a variant, the protection removal function is present in the user computer unit. The processing of the protected software application by means of said protection removal function is carried out in the user computer unit using the user information generated by said user electronic module.

Brief description of the figures

The invention will be better understood, and other aims, details, characteristics and advantages will appear more clearly over the course of the detailed description which follows in referring to the figures in the appendix, showing in:

- figure 1, the simplified diagram of a system able to implement the method according to a particular embodiment of the invention,

- figure 2, a diagram showing the steps to transmit a software application according to a particular embodiment of the invention, and

- figure 3, a diagram showing the steps to execute the application transmitted according to the diagram of figure 2 according to a particular embodiment of the invention.

Detailed description of the invention

The invention relates to a method for acquisition of a protected software application and a method for removal of the protection of this protected software application.

More specifically, the invention relates to a method for acquisition of a software application stored in a software application distribution unit, said application comprises at least one instruction and is intended to be supplied to a computer unit of a user, called a user computer unit. This method comprises the following steps:

- a step of generating, in an electronic security module connected to said user computer unit, an item of user information specific to said user that is associated with an item of identification information identifying the software application to be supplied, said user information being generated from a secret stored in said electronic security module,

- a step of transmitting via the electronic security module of said user information and of said identification information to the software application distribution unit,

- a step of processing, in a software application distribution unit, at least one instruction from the software application identified by said identification information by means of a protection function using said user information, in a way to protect said software application, and

- a step of communication, via the software application distribution unit, of the protected application to said user computer unit and possibly said identification information.

Thus, the software application transmitted by the software applications distribution unit is protected via an item of user information provided by the electronic security module of the user. This same electronic security module is used each time the user wants to download a software application. At each new acquisition of an application, the electronic security module delivers an item of user information and the software application distribution unit uses this user information to protect the application. Hence, a single electronic security module is used to acquire different software applications.

The method for processing aiming to remove the protection of the software application can be implemented in any user computer unit equipped with an electronic security module.

Figure 1 shows a system able to implement the method for acquisition of a protected software application and the method for protection removal according to a particular embodiment of the invention. This system comprises a user computer unit 10 communicating, via a communication network 40, with a software application distribution unit 20. The software application distribution unit 20 is a server, a database, a computer, etc.

The application distribution unit 20 stores a plurality of software applications. For each software application, the unit 20 stores the computer programme pgm of the application and an item of identification information ID. The unit also stores a function p, called protection that will serve to protect the application to be supplied to the user computer unit 10.

The user computer unit 10 designates any device type able to exchange information or data with a unit and to which can be connected an electronic security module of dongle or smartcard type. This user computer unit is for example a games console or mobile telephone belonging to the user.

An electronic security module 30 is connected to the user computer unit 10. The electronic security module 30 designates, within the scope of the invention, an integrated circuit comprising at least one item of secret information and at least one derivation function using said secret information. The electronic security module 30 is connected to an input/output port of the user computer unit 10, for example a USB port, or is connected to the user computer unit 10 via a specific interface device, for example a smartcard reader. It can be in different forms, notably in the form of a dongle or smartcard.

In a variant, the electronic security module 30 is internal to the user computer unit 10 and has for example the form of a TPM (Trusted Platform Module) module.

In the example of the system shown in figure 1, the electronic security module 30 contains a secret S, a derivation function d to generate an item of user information and another protection removal function dp to remove the protection of software applications protected by the protection function p. These different functions are described in more detail hereafter.

The transmission network 40 is a network, such as the telephone network, able to transport data between the user computer unit 10 and the software application distribution unit 20.

According to a particular embodiment of the invention, the acquisition of an application from the software application distribution unit 20 via the user computer unit 10 is carried out as shown in figure 2.

According to a first step E1, the user computer unit 10 communicates the identification information ID identifying the software application to be acquired to the electronic security module 30, this identification information ID having been previously supplied to the user computer unit 10 by the unit 20 and selected by the user in a list of identification information.

According to a step E2, the electronic security module 30 generates, using its secret S, an item of user information S' that is associated with the identification information ID. The user information S' is generated by applying the derivation function d on the identification information ID, the derivation function d using the secret S. Then we have S' = d(S, ID). The derivation function d is for example a DES (Data Encryption Standard) algorithm using the secret S as an encryption key and the identification information ID as data. According to another non-restrictive example, the derivation function is a logical function realising an Exclusive-OR operation between the identification information and the secret S.

As a variant, the electronic security module 30 generates from the secret S the user information S' then associates it with the identification information ID, the link between the information S' and the identification information ID being stored in a memory of the module 30.

According to a step E3, the electronic security module 30 transmits the user information S' and the identification information ID to the software application distribution unit 20 via the user computer unit 10. Advantageously, this transmission is carried out over a secure authenticated channel, a technique well known in the encryption domain. The secure authenticated channel enables data to transit securely between two authenticated entities so that a third party can neither learn nor modify the information thus transmitted.

According to a step E4, the software application distribution unit 20 then protects at least one instruction of the programme pgm identified by the identification information ID by means of the protection function p using the user information S'. The protection function p is for example an encryption algorithm of AES (Advanced Encryption Standard) type using the user information S' as an encryption key. The protection function p is applied to one or several instructions of the software application or over the totality of the instructions of the application. This gives: pgm' = p(S', pgm), where pgm' designates the protected version of the software application pgm.

According to a step E5, the software application distribution unit 20 communicates to the user computer unit 10 the protected software application pgm' and the associated identification information ID. In a variant, the software application distribution unit 20 communicates only the protected application pgm', the identification information ID having been saved in the user computer unit at step E3.

Each time the client wants to acquire a new application this process is reiterated using the same electronic security module 30. At each new application acquisition the electronic security module 30 delivers an item of user information S' that is preferably new. All the protected applications received by the user computer unit 10 can then have their protection removed using the electronic security module 30 used for the acquisition.

The protected application supplied by the unit 20 can then have its protection removed on the user computer unit 10 that was used in the acquisition, or after transfer, on another user computer unit 10'. It suffices simply to connect the electronic security module 30 having served in the acquisition to the user computer unit on which the user wants to remove the protection of the application. The protection removal operation can be carried out before the execution of the application or during the execution of the application.

The protection removal operation is shown in figure 3. The electronic security module 30 is connected to the user computer unit 10 or 10'.

According to a step E6, the user computer unit 10 or 10' transmits to the electronic security module 30 the protected programme pgm' and the identification information ID of the application.

According to a step E7, the electronic security module regenerates, from the secret S and the identification information ID, the user information S' associated with the identification information ID by performing S' = d(S, ID) then removes protection from the protected programme pgm' by means of the protection removal function dp using the user information S'. The programme with protection removed pgm = dp(S', pgm') is thus obtained, which is transmitted via the electronic security module 30 to the user computer unit 10 or 10' (step E8).
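Steps E1 to E8 as an added example, not code from the patent: it runs the acquisition and protection removal between a module 30 and a unit 20, and checks the Exclusive-OR example of d against a keyed one-way d. Assumptions: HMAC-SHA256 stands in for the DES-based d, and an HMAC-SHA256 keystream with an integrity tag stands in for the AES-type p, because the Python standard library has neither; all class and function names, the 32-byte secret, the ID `game-001` and the program bytes are constructed.

```python
import hashlib
import hmac
import secrets

PGM = b"\x55\x48\x89\xe5 constructed stand-in for program instructions"

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def d_prf(secret: bytes, app_id: bytes) -> bytes:
    """S' = d(S, ID) as a keyed one-way function (assumed stand-in for DES)."""
    return _mac(secret, app_id)

def d_xor(secret: bytes, app_id: bytes) -> bytes:
    """The Exclusive-OR example of d; ID is zero-padded to len(S) (assumption)."""
    return bytes(a ^ b for a, b in zip(secret, app_id.ljust(len(secret), b"\0")))

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Keystream = HMAC(key, nonce || counter); an assumed stand-in for AES.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_mac(key, nonce + i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def p(s_prime: bytes, pgm: bytes) -> bytes:
    """Protection function: pgm' = p(S', pgm), laid out as nonce | body | tag."""
    nonce = secrets.token_bytes(16)
    body = _xor_stream(_mac(s_prime, b"enc"), nonce, pgm)
    return nonce + body + _mac(_mac(s_prime, b"mac"), nonce + body)

def dp(s_prime: bytes, protected: bytes) -> bytes:
    """Protection removal: pgm = dp(S', pgm'); rejects a wrong S' or altered pgm'."""
    nonce, body, tag = protected[:16], protected[16:-32], protected[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(s_prime, b"mac"), nonce + body)):
        raise ValueError("S' does not match this protected application")
    return _xor_stream(_mac(s_prime, b"enc"), nonce, body)

class SecurityModule:
    """Electronic security module 30: holds S, exposes d and dp, never S."""
    def __init__(self, derive=d_prf):
        self._secret, self._derive = secrets.token_bytes(32), derive
    def user_info(self, app_id: bytes) -> bytes:                  # steps E2, E7
        return self._derive(self._secret, app_id)
    def remove_protection(self, protected: bytes, app_id: bytes) -> bytes:
        return dp(self.user_info(app_id), protected)              # steps E7, E8

class DistributionUnit:
    """Software application distribution unit 20: stores pgm per ID, applies p."""
    def __init__(self, catalogue: dict):
        self._catalogue = catalogue
    def protect(self, s_prime: bytes, app_id: bytes) -> bytes:    # steps E4, E5
        return p(s_prime, self._catalogue[app_id])

def acquire_and_unlock():
    unit = DistributionUnit({b"game-001": PGM})
    module, other_module = SecurityModule(), SecurityModule()
    s_prime = module.user_info(b"game-001")                       # E1-E2
    protected = unit.protect(s_prime, b"game-001")                # E3-E5
    restored = module.remove_protection(protected, b"game-001")   # E6-E8
    try:
        other_module.remove_protection(protected, b"game-001")
        other_ok = True
    except ValueError:
        other_ok = False                                          # different S
    return restored, other_ok, protected

def xor_variant_exposes_secret() -> bool:
    """With d = XOR, the receiver of (S', ID) can compute S' XOR ID = S."""
    module = SecurityModule(derive=d_xor)
    s_prime = module.user_info(b"game-001")
    return d_xor(s_prime, b"game-001") == module._secret

if __name__ == "__main__":
    restored, other_ok, _ = acquire_and_unlock()
    print(restored == PGM, other_ok, xor_variant_exposes_secret())
```

The last check is the reason to choose a one-way keyed function for d: in step E3 both S' and ID leave the module, and under Exclusive-OR those two values determine S.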

In a variant, the protection removal operation is performed in the user computer unit. In this variant, the protection removal function dp is present in the user computer unit 10 or 10' and the protected programme pgm' is not transmitted to the electronic security module 30. The electronic security module 30 generates the user information S' from the identification information ID then transmits it to the user computer unit. This latter removes the protection from the application pgm' using user information S' supplied by the module 30.

With this method, the application is protected in the software application distribution unit with an item of user information S' from the user and, once transmitted to the user, the protected software application can have its protection removed on any user computer unit to which is connected the electronic security module used during the acquisition of the software application. Hence the software application can be acquired or downloaded from a first computer unit then have its protection removed on another unit. Moreover, this method only requires a single electronic security module to acquire a plurality of software applications.

Though the invention has been described in relation to a specific embodiment, it is evident that this is in no way restricted and that it comprises all technical equivalents of the means described as well as their combinations if these enter into the scope of the invention.